e78f8ff04662de149dbccafd6e6750bd44477a218c1827e880240a57f3842014[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

e78f8ff04662de149dbccafd6e6750bd44477a218c1827e880240a57f3842014.exe
Size

101KB
MD5

4f2515c506e45e7fdbcc74d1caff5406
SHA1

a0b1b203814716b3ae2e4af02c6ed59f10410c49
SHA256

e78f8ff04662de149dbccafd6e6750bd44477a218c1827e880240a57f3842014
SHA512

a0622f7ae01e7eb5438a849a5380b084b77125d8876ebd9fd92a1a83272f3729411a74d19fcc33906051ef3aa7d94352727a840df993e5a4369cf5a6d69e7545
SSDEEP

1536:Th62MmOrg0YHCBjLs2siO97Aa+/TeUDen8idqwFsUWgTFPxHElSAi3qNnh9r789N:YSoUiiAX/fqnBcxU9ySN3qNnhB89E6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e78f8ff04662de149dbccafd6e6750bd44477a218c1827e880240a57f3842014.exe

Files

e78f8ff04662de149dbccafd6e6750bd44477a218c1827e880240a57f3842014.exe
.exe windows:5 windows x86 arch:x86

fca6ebbd9e94498bb41d21ec85f3e408

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW

msvcrt

_adjust_fdiv
wcslen
_initterm
wcsrchr
wcscpy
vswprintf
_purecall
__RTDynamicCast
_onexit
??3@YAXPAX@Z
mbstowcs
__dllonexit
_wcsicmp
wcscmp
??1type_info@@UAE@XZ
?terminate@@YAXXZ
malloc
_wcsupr
free
wcstoul
wcsstr
wcschr
_except_handler3
??2@YAPAXI@Z
memmove
wcscat

certcli

CASetCertTypeExtension
CAGetCAProperty
CASetCertTypeKeySpec
CAFindByName
CAFreeCertTypeExtensions
CAGetCertTypePropertyEx
CAGetCertTypeExtensions
CACloseCertType
CAFreeCAProperty
CAGetCertTypeProperty
CAAddCACertificateType
CAUpdateCertType
CACreateCertType
CASetCertTypeFlags
CACertTypeGetSecurity
CAFindCertTypeByName
CACloseCA
CAEnumNextCertType
CASetCertTypeProperty
CARemoveCACertificateType
CAEnumCertTypesForCA
CACertTypeSetSecurity
CAFreeCertTypeProperty
CAUpdateCA
CAGetCertTypeKeySpec
CAEnumCertTypes
CAGetCertTypeFlags

kernel32

GetComputerNameW
GetSystemWindowsDirectoryW
LoadLibraryW
SetLastError
DeleteCriticalSection
GlobalUnlock
InterlockedDecrement
OutputDebugStringA
SetUnhandledExceptionFilter
RemoveDirectoryA
lstrcpyW
LocalReAlloc
CreateFileW
GetCurrentProcess
FileTimeToSystemTime
lstrlenW
GetModuleHandleA
GetSystemTimeAsFileTime
GetTickCount
GetStartupInfoA
CloseHandle
lstrcmpiW
WideCharToMultiByte
InitializeCriticalSection
IsBadReadPtr
GetDateFormatW
GlobalAlloc
LocalFree
GetModuleFileNameW
GetEnvironmentStringsW
GetLastError
GetSystemDefaultLangID
OutputDebugStringW
GlobalFree
GlobalLock
QueryPerformanceCounter
InterlockedIncrement
FormatMessageW
FileTimeToLocalFileTime
GetACP

user32

SendDlgItemMessageW
EnableWindow
WinHelpW
GetDC
SetWindowLongW
LoadIconW
GetParent
SetFocus
MessageBoxW
wsprintfW
RegisterClipboardFormatW
SystemParametersInfoW
ReleaseDC
DialogBoxParamW
InsertMenuItemW
EndDialog
SetWindowTextW
GetDlgItemTextA
SendMessageW
LoadBitmapW
LoadImageW
PostMessageW
GetDlgItem
LoadStringW
SetDlgItemTextW
SetCursor
GetWindowLongW
LoadCursorW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fca6ebbd9e94498bb41d21ec85f3e408

Headers

File Characteristics

Imports

advapi32

msvcrt

certcli

kernel32

user32

comctl32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 72KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 72KB

.rsrc
Size: 25KB - Virtual size: 25KB